ClawHub
Code Pluginsource linked

NBJ OB1 Agent Memory for OpenClawv0.1.6

Governed NBJ OB1 Agent Memory tools for OpenClaw: recall before work, write back after, inspect everything.

@natebjones/ob1-agent-memory·runtime nbj-ob1-agent-memory·by @natebjones
Community code plugin. Review compatibility and verification before install.
openclaw plugins install clawhub:@natebjones/ob1-agent-memory
Latest release: v0.1.6Download zip

Capabilities

Tags
executes-codekind:memoryartifact:npm-packnpm-mirror:available
configSchema
Yes
Executes code
Yes
HTTP routes
0
Plugin kind
memory
Runtime ID
nbj-ob1-agent-memory

Compatibility

Built With Open Claw Version
2026.3.24-beta.2
Min Gateway Version
2026.3.24-beta.2
Plugin Api Range
>=2026.3.24-beta.2
Plugin Sdk Version
2026.3.24-beta.2
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The registered openbrain_* tools match the stated memory purpose: recall, writeback, usage reporting, inspection, review queue access, review actions, and recall trace debugging against a configured OB1 endpoint.
Instruction Scope
The bundled skill tells agents to recall before meaningful work and write compact post-task memory, with explicit limits against storing transcripts, secrets, large code blocks, or private customer data dumps.
!
Install Mechanism
There is no postinstall script, but package metadata permits OpenClaw >=2026.3.24-beta.2, which scanner evidence flags as a known-vulnerable beta host; the README recommends newer OpenClaw versions but the compatibility metadata does not enforce that.
Credentials
Network access and access-key use are expected for a configured memory API and are disclosed through configSchema and README guidance, including SecretRef use and explicit tools.allow setup.
!
Persistence & Privilege
Persistent memory writes and review-state changes are core to the plugin, but the smoke harness enables the plugin and performs writeback/review actions against the selected profile without a confirmation gate or isolated default test profile.
Scan Findings in Context
[SQP-2] expected: The smoke script's plugin enablement and openbrain_writeback flow are consistent with a native smoke test and are documented, but the lack of confirmation or dry-run makes accidental mutation of a real profile plausible.
[SC4] unexpected: Declaring compatibility with a known-vulnerable OpenClaw beta is not required for the memory-plugin purpose and is the main reason for Review rather than benign.
[suspicious.exposed_secret_literal] expected: Static scan appears to flag assignment of a configured accessKey field, not a hardcoded secret literal; access-key handling is expected for the configured OB1 API client.
What to consider before installing
Install only on a patched OpenClaw host, prefer the README's newer-version guidance over the beta minimum in metadata, store the OB1 access key via SecretRef, and run the smoke harness only against an isolated test profile or workspace unless you are comfortable with it writing and reviewing persistent memory.
dist/index.js:19
File appears to expose a hardcoded API secret or token.
src/client.ts:31
File appears to expose a hardcoded API secret or token.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Verification

Tier
source linked
Scope
artifact only
Summary
Validated package structure and linked the release to source metadata.
Source
github.com/NateBJones-Projects/OB1
Commit
722c2b464bb3
Tag
codex/nat-999-openclaw-clawhub-install
Provenance
No
Scan status
suspicious

Tags

agent-memory
0.1.6
latest
0.1.6
nate-jones
0.1.6
nbj
0.1.6
ob1
0.1.6
openbrain
0.1.6
openclaw
0.1.6
provenance
0.1.6

NBJ OB1 Agent Memory for OpenClaw

Governed Nate Jones OB1 memory for OpenClaw: recall before the task, write back after, inspect everything.

Built by Nate B. Jones / OB1. Follow Nate for practical AI systems, agent workflows, and implementation notes: Substack and natebjones.com.

Install

Recommended for OpenClaw 2026.5.7 and newer:

openclaw plugins install clawhub:@natebjones/ob1-agent-memory

OpenClaw 2026.5.2 predates the current ClawHub npm-pack resolver metadata path. Use the published tarball fallback on that host version:

curl -fsSL \
  https://clawhub.ai/api/npm/@natebjones/ob1-agent-memory/-/natebjones-ob1-agent-memory-0.1.6.tgz \
  -o natebjones-ob1-agent-memory-0.1.6.tgz

openclaw plugins install ./natebjones-ob1-agent-memory-0.1.6.tgz

The package is published on ClawHub as @natebjones/ob1-agent-memory.

For local linked development:

npm install --ignore-scripts --omit=peer
npm run build
openclaw --profile ob1-agent-memory plugins install . --link

Required Config

{
  secrets: {
    providers: {
      ob1_agent_memory: {
        type: "file",
        path: "/path/to/ob1-agent-memory-key",
        mode: "singleValue"
      }
    }
  },
  tools: {
    allow: [
      "group:openclaw",
      "openbrain_recall",
      "openbrain_writeback",
      "openbrain_report_usage",
      "openbrain_inspect_memory",
      "openbrain_list_review_queue",
      "openbrain_review_memory",
      "openbrain_get_recall_trace"
    ]
  },
  plugins: {
    entries: {
      "nbj-ob1-agent-memory": {
        config: {
          endpoint: "https://YOUR_PROJECT_REF.supabase.co/functions/v1/agent-memory-api",
          accessKey: {
            source: "file",
            provider: "ob1_agent_memory",
            id: "value"
          },
          workspaceId: "workspace_123",
          projectId: "project_456"
        }
      }
    }
  }
}

Configure secrets.providers.ob1_agent_memory with a file or exec provider before enabling the plugin. The plugin resolves OpenClaw SecretRefs at tool execution time so the access key does not need to live in plaintext config. Env SecretRefs are intentionally not used in the launch package so OpenClaw's install-time safety scan does not classify the memory client as env-to-network credential forwarding.

Current OpenClaw builds also require explicit tools.allow entries before plugin tools are exposed to the model. plugins inspect --runtime can show the plugin is registered even when the agent cannot see the tools, so run a native tool smoke test after enabling the plugin.

Install the paired skill from ClawHub or use the bundled plugin skill so agents respect OB1 provenance, review, and use-policy rules.

Local validation target: openclaw --profile ob1-agent-memory plugins inspect nbj-ob1-agent-memory --runtime --json should list all seven openbrain_* tools and no diagnostics.

Native smoke target: run an OpenClaw agent turn that calls openbrain_list_review_queue with no shell/file tools. The result should show an openbrain_list_review_queue tool call and zero failures.

For the repeatable full loop harness:

OPENCLAW_BIN="/home/lej/.local/bin/openclaw" \
OPENCLAW_PROFILE="personal" \
OPENCLAW_AGENT="jonathan" \
npm run smoke:native

The harness enables the plugin, verifies runtime registration for all seven openbrain_* tools, runs a native agent turn that calls every OB1 tool, parses the session transcript for non-OB1 tool calls and tool errors, and disables the plugin again by default.